Brazil's data protection authority, the Autoridade Nacional de Proteção de Dados, published a Q&A outlining proper procedures for data protection impact assessments. The 15-question document covers basic inquiries the covered entities have regarding process, preparation and requirements for performing DPIAs. The regulator indicated the list is a work in progress considering "additional obligations and parameters may be established by the ANPD in the future."